Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796 Chapter 9, Page 363 Prof. Michael P. Harris ITSY 2430 Intrusion Detection Name: __________________ Chapter Quiz 09 Date: ________ Chapter Review Questions, Choosing and Designing Firewalls 1. A firewall can do which of the following? (Choose all that apply.) 2. What is the primary difference between a screened host and a dual-homed host setup? 3. A firewall is an effective standalone security solution. True or False? 4. What is the main problem with a screening router setup? 5. Name three functions that most firewalls can’t handle that need to be performed by additional software products. 6. What enables servers in a server farm to work together to handle requests? 7. Why would a company consider the expense and extra work of purchasing and installing clusters of servers and creating multiple DMZs? 8. Why create a protected subnet within an already protected internal network? (Choose all that apply.) Page 1 of 3 Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796 Chapter 9, Page 363 Prof. Michael P. Harris 9. Stateless packet filters decide whether to allow or block packets based on which of the following? 10. A corporation with several branch offices has decided to maintain multiple firewalls, one to protect each branch office’s network. What’s the most efficient way to maintain these firewalls? 11. Software or hardware configured to monitor traffic from the internal network to the Internet is called? (Choose all that apply.) 12. Which of the following is an advantage of using a software firewall rather than a hardware firewall? 13. Which of the following is an advantage of using a hardware firewall rather than a software firewall? (Choose all that apply.) 14. Almost every type of firewall depends on what configurable feature for its effectiveness? 15. Given that many kinds of network traffic can pass through a network gateway, what’s the problem with creating a long complex rule base designed to handle every possible situation? (Choose all that apply.) 16. Where should the most important rules in a rule base go? 17. Which of the following is a guideline for developing a firewall rule base? Page 2 of 3 Guide to Network Defense and Countermeasures, 2nd Edition, ISBN: 1418836796 Chapter 9, Page 363 Prof. Michael P. Harris 18. A firewall policy does which of the following? (Choose all that apply.) 19. A rule base should end with a(n) __________rule. 20. The rule base should allow internal clients unrestricted and unfiltered Internet access. True or False? Page 3 of 3